13.3.9 - Practice Questions
Which option is a program that appears to be a legitimate application, utility, game, or screensaver and performs malicious activities surreptitiously? - ActiveX controls - Trojan horse - Outlook Express - Worm
Trojan horse
An attacker uses an exploit to push a modified hosts file to client systems. This hosts file redirects traffic from legitimate tax preparation sites to malicious sites to gather personal and financial information. What kind of exploit has been used in this scenario? (Select two. Both responses are different names for the same exploit.) - DNS poisoning - Pharming - Man-in-the-middle - Domain name kiting - Reconnaissance
- DNS poisoning - Pharming
You have installed anti-virus software on the computers on your network. You update the definition and engine files and configure the software to update those files every day. What else should you do to protect your systems from malware? (Select two.) - Disable UAC. - Educate users about malware. - Enable chassis intrusion detection. - Enable account lockout. - Schedule regular full system scans.
- Educate users about malware. - Schedule regular full system scans.
Which of the following statements about the use of anti-virus software is correct? - If you install anti-virus software, you no longer need a firewall on your network. - Anti-virus software should be configured to download updated virus definition files as soon as they become available. - Once installed, anti-virus software needs to be updated on a monthly basis. - If servers on a network have anti-virus software installed, workstations do not need anti-virus software installed on them.
Anti-virus software should be configured to download updated virus definition files as soon as they become available.
Which of the following measures are you most likely to implement to protect a system from a worm or Trojan horse? - Antivirus software - IPsec - Password policy - Firewall
Antivirus software
A programmer who fails to check the length of input before processing leaves his code vulnerable to what form of common attack? - Privilege escalation - Backdoor - Buffer overflow - Session hijacking
Buffer overflow
To tightly control the anti-malware settings on your computer, you elect to update the signature file manually. Even though you vigilantly update the signature file, the machine becomes infected with a new type of malware. Which of the following actions would best prevent this scenario from occurring again? - Configure the software to automatically download the virus definition files as soon as they become available. - Carefully review open firewall ports and close any unneeded ports. - Create a scheduled task to run sfc.exe daily. - Switch to a more reliable anti-virus software.
Configure the software to automatically download the virus definition files as soon as they become available.
An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack? - DDoS - Spamming - Backdoor - DoS - Replay
DDoS
While using the internet, you type the URL of one of your favorite sites in the browser. Instead of going to the correct site, the browser displays a completely different website. When you use the IP address of the web server, the correct site is displayed. Which type of attack has likely occurred? - Man-in-the-middle - Hijacking - DNS poisoning - Spoofing
DNS poisoning
You have installed anti-malware software that checks for viruses in email attachments. You configure the software to quarantine any files with problems. You receive an email with an important attachment, but the attachment is not there. Instead, you see a message that the file has been quarantined by the anti-malware software. What has happened to the file? - It has been moved to a secure folder on your computer. - It has been deleted from your system. - The infection has been removed, and the file has been saved to a different location. - The file extension has been changed to prevent it from running.
It has been moved to a secure folder on your computer.
An attacker captures packets as they travel from one host to another with the intent of altering the contents of the packets. Which type of attack is being executed? - Man-in-the-middle attack - Distributed denial of service - Spamming - Passive logging
Man-in-the-middle attack
Which of the following is a form of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network? - Session hijacking - Fingerprinting - Fraggle - Smurf
Smurf
An attacker sends an unwanted and unsolicited email message to multiple recipients with an attachment that contains malware. What kind of attack has occurred in this scenario? - Spam - Open SMTP relay - Phishing - Repudiation attack
Spam
Which type of activity changes or falsifies information in order to mislead or redirect traffic? - Spamming - Spoofing - Sniffing - Snooping
Spoofing
If your anti-virus software does not detect and remove a virus, what should you try first? - Update your virus detection software. - Scan the computer using another virus detection program. - Search for and delete the file you believe to be infected. - Set the read-only attribute of the file you believe to be infected.
Update your virus detection software.